Pinned Repositories
-
白帽子讲Web安全
--1
我的文件
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
ctf-wiki
ctf wiki online
exploitdb
The official Exploit Database repository
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
setup-ipsec-vpn
Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS
trojan-go
Go实现的Trojan代理,支持多路复用/路由功能/CDN中转/Shadowsocks混淆插件,多平台,无依赖。A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW. https://p4gefau1t.github.io/trojan-go/
vtest
用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
vulnerability-paper
收集的文章
alilash-github's Repositories
alilash-github/blackJack-Dicts
参考十余个项目整理的目录和文件字典
alilash-github/brainfuck
Collection of BF interpreters/translators in C/C++/ASM/JS/Python/Rust + others
alilash-github/conote-community
Conote 综合安全测试平台社区版。
alilash-github/CVE-2021-4034
CVE-2021-4034 1day
alilash-github/CVE-2022-0847
CVE-2022-0847
alilash-github/CVE-2022-25636
CVE-2022-25636
alilash-github/DHLYK
大灰狼远控木马 V9.5 源码
alilash-github/dingtalk-RCE
alilash-github/Fastjson
Fastjson姿势技巧集合
alilash-github/Hgame2022_writeup
HGAME2022 官方 + 校内参赛选手 Writeup
alilash-github/IPTV
本项目基于 https://github.com/iptv-org/iptv ,仅供我个人使用。
alilash-github/JDumpSpider
HeapDump敏感信息提取工具
alilash-github/JNDIExploit
A malicious LDAP server for JNDI injection attacks
alilash-github/kubernetes-hardening-guidance
《Kubernetes 加固手册》(美国国家安全局出品)- https://jimmysong.io/kubernetes-hardening-guidance
alilash-github/Log-4j-scanner
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
alilash-github/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
alilash-github/LogXj
用于探测Log4j漏洞, 将它POC的威力最大化, POC验证成功后会立即收到目前机器的系统主机名、时间、版本号、用户名、环境变量以及Log4j路径、java版本号、中间件信息等信息.
alilash-github/OneListForAll
Rockyou for web fuzzing
alilash-github/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
alilash-github/POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
alilash-github/pyinstxtractor
PyInstaller Extractor
alilash-github/QingScan
一个漏洞扫描器粘合剂,添加目标后30款工具自动调用;支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证,SSH批量测试、vulmap。
alilash-github/ShiroAttack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
alilash-github/ShuiZe_0x727
信息收集自动化工具
alilash-github/spider-flow
新一代爬虫平台,以图形化方式定义爬虫流程,不写代码即可完成爬虫。
alilash-github/Spring-Cloud-Gateway-CVE-2022-22947
CVE-2022-22947
alilash-github/spring-gateway-demo
Sample Spring application to Demonstrate the Gateway Actuator
alilash-github/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
alilash-github/sunlogin_rce
向日葵 RCE
alilash-github/xxl-job-rce
xxl-job未授权命令执行